OPERATIONS SECURITY 16 August 2004 OPERATIONS SECURITY 31 December 2003 OPERATIONS SECURITY RE:AR 530-1, CH 1 Is the process of analyzing friendly actions pursuant to military operations and other activities. OPSEC maintains essential secrecy, which is the condition achieved by the denial of critical information to adversaries. OPSEC is an operations function and not a security function which protect classified information. At battalion level the S-3is the staff proponent for OPSEC, he implements other OPSEC measures to maintain surprise and security. OPSEC applies during peace, crisis, and war to all operations and support activities. 5 Steps in the OPSEC Process RE:AR 530-1, CH 3 1. Identification of Critical Information 2. Analysis of Threats 3. Analysis of Vulnerabilities 4. Assessment of Risks 5. Application of Appropriate Countermeasures 1. Identification of Critical Information Para. 3-4 The purpose of this step is to determine what needs protection. Identify questions the enemy may ask (5Ws + 1H) Facts about your intentions, capabilities, limitations Information concerning protected person(s) Operational and Tactical information (OPORD) Test materials used in an academic environment Sensitive Information FOUO/Classified Information Identify the length of time critical information needs protection. 2. Analysis of Threats Para. 3-5 The purpose of this step is to identify all vulnerabilities and/or indicators. A vulnerability exists when an adversary can collect an indicator, correctly analyze the information, make a decision, and take timely actions to degrade friendly operations. Indicators are data derived from open sources or from detectable actions that an adversary can piece together or interpret to reach conclusions or estimates concerning friendly intentions, capabilities or activities. Examine each part of the OPORD/FRAGO to find OPSEC vulnerabilities/indicators. Threat Collection Efforts App E Human Intelligence (HUMINT) - Overt, Covert and Clandestine Open Source Intelligence (OSINT) (New update) Imagery Intelligence (IMINT) Signal Intelligence (SIGINT) 3 Types of Indicators App B-1, B-2 1. PROFILE- Activity patterns and signatures that shows how your activities are normally conducted. 2. DEVIATION- Profile changes which helps an adversary learn about your intentions, preparations, time and place. 3. TIP-OFF- Actions that warn or shows an adversary of friendly impending activity. Characteristics of an Indicator Signature is an identifiable trace or something that causes it to stand out. Associations compares current with past indicator information for relationship. Profiles are other indicators that have not been observed or detected. Contrast only needs be recognized not understood. Exposure includes duration, repetition, and timing of exposed indicator. 3. Analyze the Vulnerabilities para 3-6 The purpose of this step is to identify possible OPSEC measures for each vulnerability/indicator. OPSEC measures are methods and means to gain and maintain essential secrecy about critical information using: 1. Action Control: Select a COA, impose restraints on actions and determine the 5Ws +1H for actions necessary to accomplish collective/individual tasks. 2. Countermeasures attack the adversaries collection efforts using Diversions, Camouflage, Concealment, Jamming, Deception, Police Powers and Force. 3. Counteranalysis provides a possible alternate analysis for an indicator. Confuse the adversary analyst through deception. 3. Analyze the Vulnerabilities para 3-6 The purpose of this step is to identify possible OPSEC countermeasures for each vulnerability/indicator. Select two OPSEC countermeasures for each vulnerability/indicator. Some countermeasures interact and may apply to more than one vulnerability/indicator. Assess the sufficiency of routine security measures (PerSec, PhySec, InfoSec, ComSec). These will provide OPSEC countermeasures for residual vulnerabilities/indicator. 4. Assessment of Risks para 3-7 This step is to select the OPSEC countermeasures for implementation. The leader balance risking operational success/failure versus selecting the right/wrong OPSEC countermeasures. Check interaction of select OPSEC countermeasures. Coordinate select OPSEC countermeasures with lateral units and bring attach leaders into your briefings. The TF commander may decide on a “no-measures” alternative. 4. Application of Appropriate Countermeasures para 3-8 Apply the selected countermeasures, to the operation or incorporate into plans for future operations. Emphasize the adverse results if failure to maintain effective OPSEC. Implement countermeasures first on indicators requiring immediate action or as directed by the TF commander. Document the measures or state “no-measures” alternative. Monitor each countermeasures before and during execution, evaluate effectiveness. Recommend to improve effectiveness of countermeasures or select new measures when new vulnerabilities develop. Congratulations! You have completed your annual 2015 Operations Security Training PRINT GIVEN NAME No Nicknames COMPLETION DATE SIGNATURE NAF EMPLOYEE ID NUMBER By signing and submitting this certificate, I certify that I have read and understand the content in the training presentation. Fill in the required information above and get this certificate to your Department Training Liaison